From 09264767de39278f419cb12688366c3bd0dcc968 Mon Sep 17 00:00:00 2001 From: Thomas Woerner <twoerner@redhat.com> Date: Fri, 27 Aug 2021 18:46:35 +0200 Subject: [PATCH] sudocmdgroup: Use IPAAnsibleModule class ipaadmin_variables are handled by IPAAnsibleModule, ansible_module.params_get is used to get the parameters and ansible_module.ipa_connect is used to simplify the module. --- plugins/modules/ipasudocmdgroup.py | 69 +++++++++--------------------- 1 file changed, 21 insertions(+), 48 deletions(-) diff --git a/plugins/modules/ipasudocmdgroup.py b/plugins/modules/ipasudocmdgroup.py index 3d9e738b..8a77596e 100644 --- a/plugins/modules/ipasudocmdgroup.py +++ b/plugins/modules/ipasudocmdgroup.py @@ -32,13 +32,9 @@ DOCUMENTATION = """ module: ipasudocmdgroup short description: Manage FreeIPA sudocmd groups description: Manage FreeIPA sudocmd groups +extends_documentation_fragment: + - ipamodule_base_docs options: - ipaadmin_principal: - description: The admin principal - default: admin - ipaadmin_password: - description: The admin password - required: false name: description: The sudocmodgroup name required: false @@ -103,18 +99,15 @@ EXAMPLES = """ RETURN = """ """ -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils._text import to_text -from ansible.module_utils.ansible_freeipa_module import temp_kinit, \ - temp_kdestroy, valid_creds, api_connect, api_command, compare_args_ipa, \ - gen_add_del_lists, ipalib_errors +from ansible.module_utils.ansible_freeipa_module import \ + IPAAnsibleModule, compare_args_ipa, gen_add_del_lists, ipalib_errors def find_sudocmdgroup(module, name): args = {"all": True} try: - _result = api_command(module, "sudocmdgroup_show", to_text(name), args) + _result = module.ipa_command("sudocmdgroup_show", name, args) except ipalib_errors.NotFound: return None else: @@ -124,7 +117,7 @@ def find_sudocmdgroup(module, name): def gen_args(description, nomembers): _args = {} if description is not None: - _args["description"] = to_text(description) + _args["description"] = description if nomembers is not None: _args["nomembers"] = nomembers @@ -140,12 +133,9 @@ def gen_member_args(sudocmd): def main(): - ansible_module = AnsibleModule( + ansible_module = IPAAnsibleModule( argument_spec=dict( # general - ipaadmin_principal=dict(type="str", default="admin"), - ipaadmin_password=dict(type="str", required=False, no_log=True), - name=dict(type="list", aliases=["cn"], default=None, required=True), # present @@ -166,17 +156,15 @@ def main(): # Get parameters # general - ipaadmin_principal = ansible_module.params.get("ipaadmin_principal") - ipaadmin_password = ansible_module.params.get("ipaadmin_password") - names = ansible_module.params.get("name") + names = ansible_module.params_get("name") # present - description = ansible_module.params.get("description") - nomembers = ansible_module.params.get("nomembers") - sudocmd = ansible_module.params.get("sudocmd") - action = ansible_module.params.get("action") + description = ansible_module.params_get("description") + nomembers = ansible_module.params_get("nomembers") + sudocmd = ansible_module.params_get("sudocmd") + action = ansible_module.params_get("action") # state - state = ansible_module.params.get("state") + state = ansible_module.params_get("state") # Check parameters @@ -209,13 +197,9 @@ def main(): changed = False exit_args = {} - ccache_dir = None - ccache_name = None - try: - if not valid_creds(ansible_module, ipaadmin_principal): - ccache_dir, ccache_name = temp_kinit(ipaadmin_principal, - ipaadmin_password) - api_connect() + + # Connect to IPA API + with ansible_module.ipa_connect(): commands = [] @@ -255,9 +239,7 @@ def main(): if len(sudocmd_add) > 0: commands.append([name, "sudocmdgroup_add_member", { - "sudocmd": [to_text(c) - for c in - sudocmd_add] + "sudocmd": sudocmd_add } ]) # Remove members @@ -265,9 +247,7 @@ def main(): commands.append([name, "sudocmdgroup_remove_member", { - "sudocmd": [to_text(c) - for c in - sudocmd_del] + "sudocmd": sudocmd_del } ]) elif action == "member": @@ -277,7 +257,7 @@ def main(): # Ensure members are present commands.append([name, "sudocmdgroup_add_member", - {"sudocmd": [to_text(c) for c in sudocmd]} + {"sudocmd": sudocmd} ]) elif state == "absent": if action == "sudocmdgroup": @@ -291,7 +271,7 @@ def main(): # Ensure members are absent commands.append([name, "sudocmdgroup_remove_member", - {"sudocmd": [to_text(c) for c in sudocmd]} + {"sudocmd": sudocmd} ]) else: ansible_module.fail_json(msg="Unkown state '%s'" % state) @@ -303,8 +283,7 @@ def main(): # Execute commands for name, command, args in commands: try: - result = api_command(ansible_module, command, to_text(name), - args) + result = ansible_module.ipa_command(command, name, args) if action == "member": if "completed" in result and result["completed"] > 0: changed = True @@ -331,12 +310,6 @@ def main(): if len(errors) > 0: ansible_module.fail_json(msg=", ".join(errors)) - except Exception as e: - ansible_module.fail_json(msg=str(e)) - - finally: - temp_kdestroy(ccache_dir, ccache_name) - # Done ansible_module.exit_json(changed=changed, **exit_args) -- GitLab